github.com/khulnasoft-lab/kube-bench@v0.2.1-0.20240330183753-9df52345ae58/cmd/securityHub.go

github.com/khulnasoft-lab/kube-bench@v0.2.1-0.20240330183753-9df52345ae58/cmd/securityHub.go (about)

     1  package cmd
     2  
     3  import (
     4  	"context"
     5  	"fmt"
     6  	"log"
     7  
     8  	"github.com/aws/aws-sdk-go-v2/config"
     9  	"github.com/aws/aws-sdk-go-v2/service/securityhub"
    10  	"github.com/aws/aws-sdk-go-v2/service/securityhub/types"
    11  	"github.com/khulnasoft-lab/kube-bench/internal/findings"
    12  	"github.com/spf13/viper"
    13  )
    14  
    15  // REGION ...
    16  const REGION = "AWS_REGION"
    17  
    18  func writeFinding(in []types.AwsSecurityFinding) error {
    19  	r := viper.GetString(REGION)
    20  	if len(r) == 0 {
    21  		return fmt.Errorf("%s not set", REGION)
    22  	}
    23  	cfg, err := config.LoadDefaultConfig(context.Background(), config.WithRegion(r))
    24  	if err != nil {
    25  		return err
    26  	}
    27  
    28  	svc := securityhub.NewFromConfig(cfg)
    29  	p := findings.New(*svc)
    30  	out, perr := p.PublishFinding(in)
    31  	print(out)
    32  	return perr
    33  }
    34  
    35  func print(out *findings.PublisherOutput) {
    36  	if out.SuccessCount > 0 {
    37  		log.Printf("Number of findings that were successfully imported:%v\n", out.SuccessCount)
    38  	}
    39  	if out.FailedCount > 0 {
    40  		log.Printf("Number of findings that failed to import:%v\n", out.FailedCount)
    41  		for _, f := range out.FailedFindings {
    42  			log.Printf("ID:%s", *f.Id)
    43  			log.Printf("Message:%s", *f.ErrorMessage)
    44  			log.Printf("Error Code:%s", *f.ErrorCode)
    45  		}
    46  	}
    47  }